漏洞标题 CVE-2023-35156: XWiki >= 6.0-rc-1 - Cross-Site Scripting 漏洞描述 XWiki Platform is a generic wiki platform offering runtime services for applications built on top of i...

漏洞标题 CVE-2017-14186: FortiGate FortiOS SSL VPN Web Portal - Cross-Site Scripting 漏洞描述 FortiGate FortiOS through SSL VPN Web Portal contains a cross-site scripting vulnerabi...

漏洞标题 CVE-2021-39152: XStream <1.4.18 - Server-Side Request Forgery 漏洞描述 XStream before 1.4.18 is susceptible to server-side request forgery. An attacker can request data...

漏洞标题 (CVE-2021-26086) Atlassian Jira Server/Data Center 路径遍历漏洞 漏洞描述 (CVE-2021-26086) Atlassian Jira Server/Data Center 路径遍历漏洞 PoC代码 暂无

漏洞标题 CasaOS < 0.4.4 逻辑漏洞(CVE-2023-37266) 漏洞描述 CasaOS是一个基于 Golang的简单、易用、优雅的开源家庭云系统。系统存在jwt逻辑漏洞，系统未验证jwt密钥，直接获取jwt公共信息...

漏洞标题 CVE-2021-44260: WAVLINK AC1200 - Information Disclosure 漏洞描述 A vulnerability is in the 'live_mfg.html' page of the WAVLINK AC1200, version WAVLINK-A42W-1.27....

漏洞标题 CVE-2022-1713: Drawio <18.0.4 - Server-Side Request Forgery 漏洞描述 Drawio prior to 18.0.4 is vulnerable to server-side request forgery. An attacker can make a request...

漏洞标题 CVE-2018-18069: WordPress sitepress-multilingual-cms 3.6.3 - Cross-Site Scripting 漏洞描述 WordPress plugin sitepress-multilingual-cms 3.6.3 is vulnerable to cross-site sc...

漏洞标题 CVE-2015-4666: Xceedium Xsuite <=2.4.4.5 - Local File Inclusion 漏洞描述 Xceedium Xsuite 2.4.4.5 and earlier is vulnerable to local file inclusion via opm/read_sessionl...

漏洞标题 CVE-2021-44228: Apache Log4j2 Remote Code Injection 漏洞描述 Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect aga...

漏洞标题 CVE-2021-27748: IBM WebSphere HCL Digital Experience - Server-Side Request Forgery 漏洞描述 IBM WebSphere HCL Digital Experience is vulnerable to server-side request forge...

漏洞标题 (CVE-2022-1815) 之前GitHub存储库jgraph/drawio 输入验证漏洞 漏洞描述 (CVE-2022-1815) 之前GitHub存储库jgraph/drawio 输入验证漏洞 PoC代码 暂无

BUUCTF：[第一章 web入门]常见的搜集 比起那些需要技巧的ctf赛题，还是感觉这种信息收集吸引人 寻找有用的信息 首先看了一下源码貌似没发现什么有价值的东西然后顾名思义估计是要在站点的路径中...

漏洞标题 CVE-2021-43798: Grafana v8.x - Arbitrary File Read 漏洞描述 Grafana versions 8.0.0-beta1 through 8.3.0 are vulnerable to a local directory traversal, allowing access to lo...

漏洞标题 CVE-2013-4625: WordPress Plugin Duplicator < 0.4.5 - Cross-Site Scripting 漏洞描述 A cross-site scripting vulnerability in files/installer.cleanup.php in the Duplicator...

漏洞标题 CVE-2022-0784: WordPress Title Experiments Free <9.0.1 - SQL Injection 漏洞描述 WordPress Title Experiments Free plugin before 9.0.1 contains a SQL injection vulnerabil...